9.8
CVE-2025-30026
- EPSS 0.59%
- Veröffentlicht 11.07.2025 06:15:24
- Zuletzt bearbeitet 16.01.2026 14:56:23
- Quelle product-security@axis.com
- CVE-Watchlists
- Unerledigt
The AXIS Camera Station Server had a flaw that allowed to bypass authentication that is normally required.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Axis ≫ Camera Station Version < 5.58.47195
Axis ≫ Camera Station Pro Version >= 6.0.25729 < 6.9.47069
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.59% | 0.437 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| product-security@axis.com | 5.3 | 0 | 0 |
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-288 Authentication Bypass Using an Alternate Path or Channel
The product requires authentication, but the product has an alternate path or channel that does not require authentication.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://www.axis.com/dam/public/a3/42/92/cve-2025-30026pdf-en-US-485735.pdf